how to change the permission of PEM file in ec2-instance? - amazon-web-services

I created an EC2 instance with Amazon Linux as my OS. I used to connect to the instance using PuTTY. Everything was fine. Now I changed the permission of some files in the instance to 0777 using the chmod command. By mistake the permission of the .pem file in the instance also got changed and I'm not able to connect to the instance. I'm getting an error like Permission denied (public key). Is there any way to change the permission of the .pem file in the EC2 instance?

If you can't log in with the root user, nor any other user who could then elevate their privileges to root, you've probably bricked the machine. I don't believe, for example, Amazon will even retain a backdoor into the VM.

Related

SSH into the EC2 instance on Windows is not working

I am trying to SSH into my AWS EC2 instance. I am not using putty. I am using Virtual Environment and python SDK instead. So before I SSH into the server, I need to activate the virtual environment. But it is not working as I expected. This is what I have done so far.
I activated the virtual environment running the following command.
~\eb-ve\Scripts\activate
It was activated. Then I downloaded the SSH key in pem format which is attached to my EC2 server. After I downloaded the file, I changed the permission of the file as follows.
chmod 0400 ForkProd.pem
Then I tried to SSH into the server running the following command.
ssh -i "ForkProd.pem" root@ec2-13-229-232-13.ap-southeast-1.compute.amazonaws.com
Then I got the following error.
Permissions for 'ForkProd.pem' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Load key "ForkProd.pem": bad permissions
root@ec2-13-229-232-13.ap-southeast-1.compute.amazonaws.com: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
I remember I did the same to the other project before and it worked. I am not sure what went wrong this time. What is wrong with the configuration and how can I fix it?
I've definitely had this issue in the past on Windows machines. If I remember correctly and your permissions on the key all check out, then it might be something to do with the .pem key being in your home directory or the root.
If you move the .pem into a less 'global' folder e.g. C:\Users\your-username\Documents\ForkProd.pem you may have better luck.
edit: +1 for the link from jarmod in the comments above
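Added example (not from any post on this page): a POSIX shell sketch of the two permission tests behind these errors. The client-side check matches the "too open" message above; the server-side check reflects sshd's default StrictModes setting, which a chmod 0777 on the instance, as in the first question, can trip. Function names and the script name are this example's own, and it assumes a `stat` that accepts either the GNU or the BSD/macOS format flag.

```shell
#!/bin/sh
# Added example; the function names are this sketch's own, not OpenSSH's.

# Octal permission bits of a path (GNU stat first, then BSD/macOS stat).
mode_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1" 2>/dev/null
}

# Succeeds when none of the bits in octal mask $2 are set on path $1.
perm_ok() {
    m=$(mode_of "$1") || return 2
    [ $(( 0$m & 0$2 )) -eq 0 ]
}

# Client side: ssh ignores a private key that group or others can access.
check_private_key() {
    if perm_ok "$1" 077; then
        echo "ok: $1 (mode $(mode_of "$1"))"
    else
        echo "too open or unreadable: $1; fix with: chmod 600 \"$1\""
        return 1
    fi
}

# Server side: with sshd's default StrictModes, the home directory, ~/.ssh
# and authorized_keys must not be writable by group or others.
check_server_side() {
    home=$1
    rc=0
    for p in "$home" "$home/.ssh" "$home/.ssh/authorized_keys"; do
        if perm_ok "$p" 022; then
            echo "ok: $p"
        else
            echo "missing or group/world-writable: $p"
            rc=1
        fi
    done
    return $rc
}

# Usage: sh check_ssh_perms.sh key.pem   (the script name is hypothetical)
if [ $# -gt 0 ]; then
    check_private_key "$1"
fi
```

Run `check_server_side /home/ec2-user` on the instance itself (for example from a session that is still open) to see which path sshd would reject.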

Permission denied when connecting to EC2 instance; I have given the file permission 400, but still not working

I have created an EC2 instance on AWS. But when I'm trying to connect to it by using my .pem file, I'm getting the error message: Permission denied (publickey,gssapi-keyex,gssapi-with-mic). I have changed the permission of this file with chmod 400 myfile.pm.
This is the command I use to connect to my instance: ssh -i ec2demo.pem ec2demo@ec2-35-158-140-25.eu-central-1.compute.amazonaws.com
I also searched for the issue on the internet, and some people say I need to type chmod 600 myfile.pem. It still does not work. I'm using macOS Mojave, and the integrated ssh client. Do I need to install the AWS-CLI to make it work? Or should it work without AWS-CLI? And is it better to use the ssh client from homebrew, or?
Thanks for the help
When launching a new Amazon Linux instance on Amazon EC2, the public half of the keypair is copied to:
/users/ec2-user/.ssh/authorized_keys
You can then log in to the instance using the private half of the keypair:
ssh -i key.pem ec2-user@1.2.3.4
(Or, you can use a DNS name instead of an IP address.)
It sounds like you have not logged into this instance yet, so make sure you log in as ec2-user instead of ec2demo. The name of the instance does not impact the Linux user on the instance.

permission denied (publickey) - AWS EC2

I am trying to get a Django app running on Amazon EC2. I currently have my .pem file saved in the root of my Django project.
When I try this
chmod 600 oby.pem
ssh -i oby.pem ubuntu@52.0.215.90
in my mac terminal, I receive this error: Permission denied (publickey).
To begin, am I saving my oby.pem file in the right location? If not, where should it go?
Furthermore, what are the necessary steps to correctly set up the ssh key?
Thank you!

How do I configure AMS admin permissions on EC2 AWS?

I created a fresh Adobe Media Server 5 (aka Flash Media Server) instance on Amazon EC2 AWS, I connected over SSH and changed the default password, everything looks ok. But the amsadmin account doesn't seem to have enough access to administrate the instance. I can read most of the files and folders (access denied for /lib; /lost+found and /root).
I can connect ok
ssh -i key.pem amsadmin@public-dns.amazonaws.com
I can upload to the media folder
scp -i key.pem test.f4v amsadmin@public-dns.amazonaws.com:/mnt/applications/vod/media
I can't upload content to webroot; for example if I wanted to add a crossdomain.xml file to the web root.
scp -i key.pem crossdomain.xml amsadmin@public-dns.amazonaws.com:/mnt/webroot/
I can't create a directory; I want to set up S3 to store content, step 5 says to:
Create a directory on the instance to mount the S3 bucket, for example, /mnt/s3fs.
But under the amsadmin account I get an access denied error, is this expected?
How can I get access to these restricted areas?
Update:
I tried executing the commands with sudo and I entered the correct password for amsadmin, got "Sorry, try again".
Do I need to set up a root account?
Figured it out, I needed to run the commands using sudo sh after connecting to the instance via SSH.

Download file from AWS EC2 instance to local host

I'm trying to download access logs from an AWS EC2 instance to my local machine using the following command:
scp -i private-key.pem ec2-user@ec2-public-dns-address:/path/to/filename
But I keep getting an error saying "Permission Denied" (rather than "Permission Denied (publickey)"). Any idea what's wrong?
Most probably, you are trying to download a file, to which your default user doesn't have access. Example: downloading a db dump from /tmp/dump/ to which only root user has access.
If that is the case, ssh on the instance, move/copy the file to a location accessible for your user, and make it the owner of the file, and then ssh out and scp.